Commit 260778ef authored by mcb's avatar mcb

Merge branch 'dmp_dev' of http://gitlab.ioubuy.cn/yaobenzhang/jz-dmp-service into dmp_dev

parents b4d12061 862827a8
package com.jz.common.constant;
/**常量
* @author ybz
*
*/
public class StatuConstant {
public final static String SUCCESS_CODE = "200";
public final static String FAILURE_CODE = "201";
/*****************************************************************************/
//第三方请求返回结果码定义
public static String CODE_SUCCESS = "000";
public static String MSG_SUCCESS = "操作成功";
public static String CODE_ERROR_REQUESTMETHOD = "100";
public static String MSG_ERROR_REQUESTMETHOD = "请求方式错误(只支持POST方式请求)";
public static String CODE_ERROR_PARAMETER = "101";
public static String MSG_ERROR_PARAMETER = "参数不正确(格式不正确或必填参数为空)";
public static String CODE_ERROR_CITYCODE = "102";
public static String MSG_ERROR_CITYCODE = "城市区域代码错误";
public static String CODE_NOT_SIGNED = "103";
public static String MSG_NOT_SIGNED = "尚未登录或者登录已过期";
public static String CODE_DATA_EXISTED = "106";
public static String MSG_DATA_EXISTED = "企业已备案,请勿重复备案";
public static String CODE_ERROR_USERNAMEORPASSWD = "107";
public static String MSG_ERROR_USERNAMEORPASSWD = "用户名或密码错误";
public static String CODE_USER_LOGGEDOFF = "108";
public static String MSG_USER_LOGGEDOFF = "用户已注销";
public static String CODE_PERMISSION_NO = "109";
public static String MSG_PERMISSION_NO = "权限不足,请联系管理员";
public static String CODE_DATA_NOTMEET = "201";
public static String MSG_DATA_NOTMEET = "数据不符合业务处理要求";
public static String CODE_SYS_EXCEPTION = "500";
public static String MSG_SYS_EXCEPTION = "系统异常,请联系接口提供方";
}
package com.jz.common.interceptor; package com.jz.common.interceptor;
import java.util.ArrayList;
import java.util.Collection; import java.util.Collection;
import java.util.HashMap; import java.util.HashMap;
import java.util.List;
import java.util.Map; import java.util.Map;
import java.util.Map.Entry; import java.util.Map.Entry;
...@@ -9,14 +11,17 @@ import javax.servlet.http.HttpServletRequest; ...@@ -9,14 +11,17 @@ import javax.servlet.http.HttpServletRequest;
import org.slf4j.Logger; import org.slf4j.Logger;
import org.slf4j.LoggerFactory; import org.slf4j.LoggerFactory;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.security.access.ConfigAttribute; import org.springframework.security.access.ConfigAttribute;
import org.springframework.security.access.SecurityConfig;
import org.springframework.security.web.FilterInvocation; import org.springframework.security.web.FilterInvocation;
import org.springframework.security.web.access.intercept.FilterInvocationSecurityMetadataSource; import org.springframework.security.web.access.intercept.FilterInvocationSecurityMetadataSource;
import org.springframework.security.web.util.matcher.AntPathRequestMatcher; import org.springframework.security.web.util.matcher.AntPathRequestMatcher;
import org.springframework.stereotype.Component; import org.springframework.stereotype.Component;
//import com.jz.dmp.web.ui.modules.sys.repository.domain.DmpSystemMenu; import com.jz.dmp.modules.model.DmpPermission;
//import com.jz.dmp.web.ui.modules.sys.service.DmpSystemMenuService; import com.jz.dmp.modules.service.sys.DmpPermissionService;
/** /**
* @ClassName: MyInvocationSecurityMetadataSource * @ClassName: MyInvocationSecurityMetadataSource
...@@ -32,8 +37,8 @@ public class MyInvocationSecurityMetadataSource implements FilterInvocationSecur ...@@ -32,8 +37,8 @@ public class MyInvocationSecurityMetadataSource implements FilterInvocationSecur
private boolean isExpire;//加载资源是否过期 private boolean isExpire;//加载资源是否过期
//@Autowired @Autowired
//private DmpSystemMenuService dspSystemMenuService; private DmpPermissionService dmpPermissionService;
private Map<String, Collection<ConfigAttribute>> map = null; private Map<String, Collection<ConfigAttribute>> map = null;
...@@ -44,18 +49,17 @@ public class MyInvocationSecurityMetadataSource implements FilterInvocationSecur ...@@ -44,18 +49,17 @@ public class MyInvocationSecurityMetadataSource implements FilterInvocationSecur
Collection<ConfigAttribute> configAttributes; Collection<ConfigAttribute> configAttributes;
ConfigAttribute cfg; ConfigAttribute cfg;
System.err.println("1234444444444444444--------------------"); List<DmpPermission> resources = dmpPermissionService.findAllList();
/*List<DmpSystemMenu> resources = dspSystemMenuService.findAllList(); for (DmpPermission permission : resources) {
for (DmpSystemMenu dspSystemMenu : resources) {
configAttributes = new ArrayList<>(); configAttributes = new ArrayList<>();
cfg = new SecurityConfig(dspSystemMenu.getMenuTarget()); cfg = new SecurityConfig(permission.getPermissionCode());
//此处只添加了用户的名字,其实还可以添加更多的权限信息,例如请求方法到ConfigAttribute的集合中去。 //此处只添加了用户的名字,其实还可以添加更多的权限信息,例如请求方法到ConfigAttribute的集合中去。
//此处添加的信息将会作为MyAccessDecisionManager类的decide的第三个参数。 //此处添加的信息将会作为MyAccessDecisionManager类的decide的第三个参数。
configAttributes.add(cfg); configAttributes.add(cfg);
//用权限的getUrl()作为map的key,用configAttribute的集合作为value。 //用权限的getUrl()作为map的key,用configAttribute的集合作为value。
map.put(dspSystemMenu.getMenuHref(), configAttributes); map.put(permission.getPermissionUrl(), configAttributes);
}*/ }
} }
......
...@@ -16,6 +16,7 @@ import org.springframework.security.config.annotation.web.configuration.WebSecur ...@@ -16,6 +16,7 @@ import org.springframework.security.config.annotation.web.configuration.WebSecur
import org.springframework.security.core.userdetails.UsernameNotFoundException; import org.springframework.security.core.userdetails.UsernameNotFoundException;
import com.alibaba.fastjson.JSONObject; import com.alibaba.fastjson.JSONObject;
import com.jz.common.constant.StatuConstant;
import com.jz.common.interceptor.MyFilterSecurityInterceptor; import com.jz.common.interceptor.MyFilterSecurityInterceptor;
@Configuration @Configuration
...@@ -33,8 +34,8 @@ public class SecurityConfiguration extends WebSecurityConfigurerAdapter { ...@@ -33,8 +34,8 @@ public class SecurityConfiguration extends WebSecurityConfigurerAdapter {
response.setStatus(HttpServletResponse.SC_FORBIDDEN); response.setStatus(HttpServletResponse.SC_FORBIDDEN);
PrintWriter out = response.getWriter(); PrintWriter out = response.getWriter();
Map<String,Object> map = new HashMap<String,Object>(); Map<String,Object> map = new HashMap<String,Object>();
map.put("code",403); map.put("code",StatuConstant.CODE_NOT_SIGNED);
map.put("message","未登录"); map.put("message",StatuConstant.MSG_NOT_SIGNED);
out.write(JSONObject.toJSONString(map)); out.write(JSONObject.toJSONString(map));
out.flush(); out.flush();
out.close(); out.close();
...@@ -50,9 +51,9 @@ public class SecurityConfiguration extends WebSecurityConfigurerAdapter { ...@@ -50,9 +51,9 @@ public class SecurityConfiguration extends WebSecurityConfigurerAdapter {
response.setStatus(HttpServletResponse.SC_UNAUTHORIZED); response.setStatus(HttpServletResponse.SC_UNAUTHORIZED);
PrintWriter out = response.getWriter(); PrintWriter out = response.getWriter();
Map<String,Object> map = new HashMap<String,Object>(); Map<String,Object> map = new HashMap<String,Object>();
map.put("code",401); map.put("code",StatuConstant.CODE_ERROR_USERNAMEORPASSWD);
if (ex instanceof UsernameNotFoundException || ex instanceof BadCredentialsException) { if (ex instanceof UsernameNotFoundException || ex instanceof BadCredentialsException) {
map.put("message","用户名或密码错误"); map.put("message",StatuConstant.MSG_ERROR_USERNAMEORPASSWD);
} else if (ex instanceof DisabledException) { } else if (ex instanceof DisabledException) {
map.put("message","账户被禁用"); map.put("message","账户被禁用");
} else { } else {
...@@ -65,7 +66,7 @@ public class SecurityConfiguration extends WebSecurityConfigurerAdapter { ...@@ -65,7 +66,7 @@ public class SecurityConfiguration extends WebSecurityConfigurerAdapter {
//登录成功,返回json //登录成功,返回json
.successHandler((request,response,authentication) -> { .successHandler((request,response,authentication) -> {
Map<String,Object> map = new HashMap<String,Object>(); Map<String,Object> map = new HashMap<String,Object>();
map.put("code",200); map.put("code",StatuConstant.CODE_SUCCESS);
map.put("message","登录成功"); map.put("message","登录成功");
map.put("data",authentication); map.put("data",authentication);
response.setContentType("application/json;charset=utf-8"); response.setContentType("application/json;charset=utf-8");
...@@ -84,8 +85,8 @@ public class SecurityConfiguration extends WebSecurityConfigurerAdapter { ...@@ -84,8 +85,8 @@ public class SecurityConfiguration extends WebSecurityConfigurerAdapter {
response.setStatus(HttpServletResponse.SC_FORBIDDEN); response.setStatus(HttpServletResponse.SC_FORBIDDEN);
PrintWriter out = response.getWriter(); PrintWriter out = response.getWriter();
Map<String,Object> map = new HashMap<String,Object>(); Map<String,Object> map = new HashMap<String,Object>();
map.put("code",403); map.put("code",StatuConstant.CODE_PERMISSION_NO);
map.put("message", "权限不足"); map.put("message", StatuConstant.MSG_PERMISSION_NO);
out.write(JSONObject.toJSONString(map)); out.write(JSONObject.toJSONString(map));
out.flush(); out.flush();
out.close(); out.close();
...@@ -95,7 +96,7 @@ public class SecurityConfiguration extends WebSecurityConfigurerAdapter { ...@@ -95,7 +96,7 @@ public class SecurityConfiguration extends WebSecurityConfigurerAdapter {
//退出成功,返回json //退出成功,返回json
.logoutSuccessHandler((request,response,authentication) -> { .logoutSuccessHandler((request,response,authentication) -> {
Map<String,Object> map = new HashMap<String,Object>(); Map<String,Object> map = new HashMap<String,Object>();
map.put("code",200); map.put("code",StatuConstant.CODE_SUCCESS);
map.put("message","退出成功"); map.put("message","退出成功");
map.put("data",authentication); map.put("data",authentication);
response.setContentType("application/json;charset=utf-8"); response.setContentType("application/json;charset=utf-8");
......
package com.jz.dmp.modules.controller.sys.bean;
import java.util.ArrayList;
import java.util.List;
import org.springframework.beans.BeanUtils;
import com.jz.dmp.modules.model.DmpPermission;
public class MyDmpPermissionConverter {
private static MyDmpPermissionConverter instance;
private MyDmpPermissionConverter() {};
public synchronized static MyDmpPermissionConverter INSTANCE() {
if (instance==null) {
instance = new MyDmpPermissionConverter();
}
return instance;
}
public DmpPermissionDto domain2dto(DmpPermission dmpPermission) {
DmpPermissionDto dmpPermissionDto = new DmpPermissionDto();
BeanUtils.copyProperties(dmpPermission, dmpPermissionDto);
return dmpPermissionDto;
}
public List<DmpPermissionDto> domain2dto(List<DmpPermission> dmpPermissions) {
List<DmpPermissionDto> dmpPermissionDtos = new ArrayList<DmpPermissionDto>();
dmpPermissions.stream().forEach(x -> {
dmpPermissionDtos.add(domain2dto(x));
});
return dmpPermissionDtos;
}
public DmpPermission dto2domain(DmpPermissionDto dmpPermissionDto) {
DmpPermission dmpPermission = new DmpPermission();
BeanUtils.copyProperties(dmpPermissionDto, dmpPermission);
return dmpPermission;
}
public List<DmpPermission> dto2domain(List<DmpPermissionDto> dmpPermissionDtos) {
List<DmpPermission> dmpPermissions = new ArrayList<DmpPermission>();
dmpPermissionDtos.stream().forEach(x -> {
dmpPermissions.add(domain2dto(x));
});
return dmpPermissions;
}
}
...@@ -88,4 +88,14 @@ public interface DmpPermissionMapper { ...@@ -88,4 +88,14 @@ public interface DmpPermissionMapper {
*/ */
public List<DmpPermission> findByRoles(@Param("dmpRoles")List<DmpRole> dmpRoles)throws Exception; public List<DmpPermission> findByRoles(@Param("dmpRoles")List<DmpRole> dmpRoles)throws Exception;
/**
* @Title: findAllListWithUrlNotNull
* @Description: TODO(获取所有url不为null资源)
* @param @return
* @param @throws Exception 参数
* @return List<DmpPermissionDto> 返回类型
* @throws
*/
public List<DmpPermissionDto> findAllListWithUrlNotNull()throws Exception;
} }
...@@ -80,4 +80,13 @@ public interface DmpPermissionService { ...@@ -80,4 +80,13 @@ public interface DmpPermissionService {
*/ */
public List<DmpPermission> findPermissionByRoles(List<DmpRole> dmpRoles); public List<DmpPermission> findPermissionByRoles(List<DmpRole> dmpRoles);
/**
* @Title: findAllList
* @Description: TODO(获取所有可用资源)
* @param @return 参数
* @return List<DmpPermission> 返回类型
* @throws
*/
public List<DmpPermission> findAllList();
} }
...@@ -21,7 +21,6 @@ import com.github.pagehelper.PageInfo; ...@@ -21,7 +21,6 @@ import com.github.pagehelper.PageInfo;
import com.jz.common.bean.BaseBeanResponse; import com.jz.common.bean.BaseBeanResponse;
import com.jz.common.bean.BaseResponse; import com.jz.common.bean.BaseResponse;
import com.jz.common.bean.PageInfoResponse; import com.jz.common.bean.PageInfoResponse;
import com.jz.common.constant.Constants;
import com.jz.common.constant.ResultCode; import com.jz.common.constant.ResultCode;
import com.jz.common.persistence.BaseService; import com.jz.common.persistence.BaseService;
import com.jz.dmp.modules.controller.sys.bean.DmpMemberBatch; import com.jz.dmp.modules.controller.sys.bean.DmpMemberBatch;
......
...@@ -29,6 +29,7 @@ import com.jz.common.persistence.BaseService; ...@@ -29,6 +29,7 @@ import com.jz.common.persistence.BaseService;
import com.jz.dmp.modules.controller.sys.bean.DmpPermissionBatch; import com.jz.dmp.modules.controller.sys.bean.DmpPermissionBatch;
import com.jz.dmp.modules.controller.sys.bean.DmpPermissionDto; import com.jz.dmp.modules.controller.sys.bean.DmpPermissionDto;
import com.jz.dmp.modules.controller.sys.bean.DmpPermissionRequest; import com.jz.dmp.modules.controller.sys.bean.DmpPermissionRequest;
import com.jz.dmp.modules.controller.sys.bean.MyDmpPermissionConverter;
import com.jz.dmp.modules.dao.sys.DmpPermissionMapper; import com.jz.dmp.modules.dao.sys.DmpPermissionMapper;
import com.jz.dmp.modules.model.DmpPermission; import com.jz.dmp.modules.model.DmpPermission;
import com.jz.dmp.modules.model.DmpRole; import com.jz.dmp.modules.model.DmpRole;
...@@ -318,4 +319,25 @@ public class DmpPermissionServiceImpl extends BaseService implements DmpPermissi ...@@ -318,4 +319,25 @@ public class DmpPermissionServiceImpl extends BaseService implements DmpPermissi
return permission; return permission;
} }
/**
*获取所有资源
*/
@Override
public List<DmpPermission> findAllList() {
List<DmpPermission> permissions = new ArrayList<DmpPermission>();
try {
List<DmpPermissionDto> permissionDtos = dmpPermissionMapper.findAllListWithUrlNotNull();
permissions = MyDmpPermissionConverter.INSTANCE().dto2domain(permissionDtos);
} catch (Exception e) {
e.printStackTrace();
logger.info("获取所有资源接口异常:{}", e);
}
return permissions;
}
} }
...@@ -328,4 +328,12 @@ ...@@ -328,4 +328,12 @@
</choose> </choose>
</select> </select>
<!-- 条件查询URL不为null资源-->
<select id="findAllListWithUrlNotNull" resultMap="BaseDtoResultMap">
SELECT
<include refid="BaseDto_Column_List"/>
FROM dmp_permission
WHERE permission_url IS NOT NULL
</select>
</mapper> </mapper>
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment